Microsoft Exchange Server
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Microsoft Exchange Server.
Recent Microsoft Exchange Server Security Advisories
Advisory | Title | Published |
---|---|---|
CVE-2024-49040 | CVE-2024-49040 Microsoft Exchange Server Spoofing Vulnerability | November 12, 2024 |
CVE-2024-26198 | Microsoft Exchange Server Remote Code Execution Vulnerability | March 12, 2024 |
CVE-2024-21410 | Microsoft Exchange Server Elevation of Privilege Vulnerability | February 13, 2024 |
CVE-2023-36439 | Microsoft Exchange Server Remote Code Execution Vulnerability | November 14, 2023 |
CVE-2023-36039 | Microsoft Exchange Server Spoofing Vulnerability | November 14, 2023 |
CVE-2023-36050 | Microsoft Exchange Server Spoofing Vulnerability | November 14, 2023 |
CVE-2023-36035 | Microsoft Exchange Server Spoofing Vulnerability | November 14, 2023 |
CVE-2023-36778 | Microsoft Exchange Server Remote Code Execution Vulnerability | October 10, 2023 |
CVE-2023-36757 | Microsoft Exchange Server Spoofing Vulnerability | September 12, 2023 |
CVE-2023-36745 | Microsoft Exchange Server Remote Code Execution Vulnerability | September 12, 2023 |
By the Year
In 2025 there have been 0 vulnerabilities in Microsoft Exchange Server. Last year, in 2024 Exchange Server had 3 security vulnerabilities published. Right now, Exchange Server is on track to have less security vulnerabilities in 2025 than it did last year.
Year | Vulnerabilities | Average Score |
---|---|---|
2025 | 0 | 0.00 |
2024 | 3 | 8.70 |
2023 | 27 | 8.13 |
2022 | 18 | 7.81 |
2021 | 31 | 7.84 |
2020 | 14 | 7.74 |
2019 | 12 | 7.23 |
2018 | 16 | 6.58 |
It may take a day or so for new Exchange Server vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Microsoft Exchange Server Security Vulnerabilities
Microsoft Exchange Server Spoofing Vulnerability
CVE-2024-49040
7.5 - High
- November 12, 2024
Microsoft Exchange Server Spoofing Vulnerability
User Interface (UI) Misrepresentation of Critical Information
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2024-26198
8.8 - High
- March 12, 2024
Microsoft Exchange Server Remote Code Execution Vulnerability
Exchange Server Privilege Escalation via Net-NTLMv2 hash
CVE-2024-21410
9.8 - Critical
- February 13, 2024
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36035
8 - High
- November 14, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36039
8 - High
- November 14, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36439
8 - High
- November 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36050
8 - High
- November 14, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36778
8 - High
- October 10, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36744
8 - High
- September 12, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36745
8 - High
- September 12, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-36756
8 - High
- September 12, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-36757
8 - High
- September 12, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2023-36777
5.7 - Medium
- September 12, 2023
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
CVE-2023-35368
8.8 - High
- August 08, 2023
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-38181
8.8 - High
- August 08, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38182
8 - High
- August 08, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-38185
8.8 - High
- August 08, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21709
9.8 - Critical
- August 08, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Improper Restriction of Excessive Authentication Attempts
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-35388
8 - High
- August 08, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-28310
8 - High
- June 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-32031
8.8 - High
- June 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21706
8.8 - High
- February 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21707
8.8 - High
- February 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21710
7.2 - High
- February 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-21529
8.8 - High
- February 14, 2023
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21745
8 - High
- January 10, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21764
7.8 - High
- January 10, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2023-21763
7.8 - High
- January 10, 2023
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2023-21761
7.5 - High
- January 10, 2023
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2023-21762
8 - High
- January 10, 2023
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-41078
8 - High
- November 09, 2022
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-41079
8 - High
- November 09, 2022
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-41080
8.8 - High
- November 09, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-41123
7.8 - High
- November 09, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-41040
8.8 - High
- October 03, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
SSRF
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-41082
8 - High
- October 03, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability
Marshaling, Unmarshaling
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-34692
5.3 - Medium
- August 09, 2022
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-21979
4.8 - Medium
- August 09, 2022
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-21980
8 - High
- August 09, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-24477
8 - High
- August 09, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-24516
8 - High
- August 09, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Information Disclosure Vulnerability
CVE-2022-30134
6.5 - Medium
- August 09, 2022
Microsoft Exchange Server Information Disclosure Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
CVE-2022-21978
8.2 - High
- May 10, 2022
Microsoft Exchange Server Elevation of Privilege Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2022-24463
6.5 - Medium
- March 09, 2022
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-23277
8.8 - High
- March 09, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-21969
9 - Critical
- January 11, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-21855
9 - Critical
- January 11, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2022-21846
9 - Critical
- January 11, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
CVE-2021-42305
6.5 - Medium
- November 10, 2021
Microsoft Exchange Server Spoofing Vulnerability
Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2021-42321
8.8 - High
- November 10, 2021
Microsoft Exchange Server Remote Code Execution Vulnerability
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Microsoft Exchange Server or by Microsoft? Click the Watch button to subscribe.
